Articles by Able
-
#TBT (ThrowBack Thursday)
#TBT (ThrowBack Thursday)
There have been a number of recent announcements about companies deciding to offer Kubernetes as part of their…
Activity
2K followers
-
Able Palacios shared thisSecure libraries from Chainguard can help protect public sector from these types of attacks.Secure-by-default: Chainguard customers unaffected by the Trivy supply chain attackSecure-by-default: Chainguard customers unaffected by the Trivy supply chain attack
-
Able Palacios reposted thisAble Palacios reposted thisAs I think forward to what the future will look like ahead of the first @Chainguard OS FUD (steering committee), I think about the size and scale of what @Chainguard is doing. If you think about it in terms of sheer package volume, Chainguard has the largest number of managed/supported packages of any vendor. Read that again, of ANY enterprise Linux distribution. When you exclude community managed repositories like EPEL and universal, Chainguard OS is far and away the leader. So why do I exclude community maintained packages and repositories? They simply don't have the same scrutiny as the official repositories. They don't have the same patch cycles or the same SLAs. If you've ever used one of the big Linux distributions, what's the first thing you do? You either turn on EPEL for RedHat or universal for Ubuntu. As soon as you do that, you shift your SLAs to community SLAs. You shift your security away from Enterprise support agreements, to 'best effort' community support. What Chainguard is showing us here is that when you have a fully Enterprise Assisted Open Source Linux Distribution (this is what I'm coining it for now), you have far greater supply chain security coverage. You have one cat to herd instead of 100s. Chainguard doesn't solve everything, but its showing a model where they provide an assurance and security layer above the open source projects. Securing and maintaining OSS is expensive and labor intensive. Most OSS projects only have 1 or 2 maintainers. Many have no maintainers but are still incredibly critical to many businesses. Leveraging AI, now makes it possible to shift the bulk of the work to AI vs. relying on the project maintainer for care and feeding (patching and hardening). Read more about the Chainguard OS Packages announcement and the Chainguard OS FUD in the comments. #SupplyChain #Security #OSS #SecureByDefault #ChainguardOS
-
Able Palacios reposted thisAble Palacios reposted thisThis wave of attacks is still spreading and will make shai-halud look like a first grade project. Multiple security companies hit (Aqua and Checmarx), one of the largest Python projects in the AI space is now quarantined (litellm), worms across PyPI and NPM. GitHub account compromises, repo account compromises. Dockerhub account compromises. And this is still just the first phase. Each one of these leaks dozens to hundreds of other credentials. The impact here is going to be felt for years.
-
Able Palacios reposted thisAble Palacios reposted thisWe're excited to introduce Chainguard Commercial Builds: a new partnership program that brings the same secure-by-default guarantees our customers rely on for our open source artifacts to the commercial software running alongside them. 🤝 Through partnerships with software vendors, we package their software using the same SLSA L3, AI-native Chainguard Factory that powers the Chainguard Catalog. What this means for customers: • Wall-to-wall secure-by-default coverage across the entire stack • Minimal, hardened containers with reduced attack surface • Full provenance, SBOMs, and FIPS readiness • CVE remediation SLAs What this means for commercial vendors: • Ship hardened containers without building and maintaining security pipelines • Meet customer supply chain security expectations out the box • Win regulated deals more easily • Create a potential new revenue stream through rev sharing We’re excited to launch with early partners including Azul, Chainloop, Elastic, Expanso, F5 NGINX, GitLab, Grafana Labs, Mattermost, Nirmata, Percona, Smallstep, and Tiger Data (creators of TimescaleDB). Commercial Builds are available in the Chainguard Catalog today! https://lnkd.in/gPTtjzJX
-
Able Palacios reposted thisAble Palacios reposted this🐍 Most Python applications trust hundreds of dependencies they didn’t build. 🐍 That’s the reality of modern software. The Python ecosystem moves fast because of PyPI, but that speed also creates real challenges for teams trying to ship secure software: • You rarely know how a package was built • Vulnerabilities can remain in packages long after fixes exist • Transitive dependencies quietly expand your attack surface • Provenance and integrity are often hard to verify One emerging approach to improving this is secure package rebuilds. Instead of consuming prebuilt artifacts directly from public registries, packages can be rebuilt from source in a controlled environment, with supply chain security practices baked in — such as provenance, vulnerability remediation, and reproducible builds. This is the idea behind Chainguard Libraries for Python: providing Python packages rebuilt securely from source while staying compatible with standard Python tooling. If you're interested in how this works (and why it matters for Python supply chains), this overview breaks it down: https://lnkd.in/gm9Fq9Rf
-
Able Palacios shared thisAt the Billington State and Local CyberSecurity Summit this morning, Nick Andersen made a point that stuck with me: Cybersecurity leaders can no longer plan around a traditional 10–14 day patch cycle for critical threats. That timeline was built for a different era. Today, AI is accelerating exploitation, shrinking response windows, and raising the cost of operational delay. When adversaries can move in days, “we’ll get it in the next maintenance window” is no longer a serious risk strategy. For public sector teams, that means the conversation has to be bigger than just patching faster. It also has to include reducing the vulnerability burden those teams inherit from the software they run. That is a big part of why software supply chain security matters. If remediation windows keep shrinking, organizations need to reduce the avoidable risk they inherit from the software they run. That is exactly why Chainguard is relevant to this conversation. #Cybersecurity #PublicSector #SoftwareSupplyChain #Chainguard
-
Able Palacios shared thisFriday Funny to end the week... I saw a post promoting AI-driven AppSec that basically says the competitive question is changing. Today: “We find bugs faster.” Tomorrow: “AI finds the bug and writes the patch in the same session.” (still pretty early/preview-y.) It immediately made me think of great rapper/philosopher...Lil' Jon: “Don’t start no stuff, won’t be no stuff.” Which is kind of the Chainguard take: Instead of racing to find bugs faster—or someday find and fix them automatically faster—maybe the move is to start with fewer bugs in the first place. Happy Friday. 🙂 #AppSec #DevSecOps #OpenSource #SoftwareSupplyChain
-
Able Palacios shared thisI’ve always felt proud of work like this — especially from my time at Red Hat. Bringing open-source solutions into public sector organizations gave me a real sense of purpose because it helped them do what they needed to do in a more cost-effective way. A Linux OS could often be both cheaper and more secure than proprietary alternatives, and the same was true across many of the software categories we entered. It still feels great to be part of a company doing something very similar now — but with an even stronger focus on making open-source consumption safer than ever before. https://lnkd.in/g2HefjSZ
-
Able Palacios shared thisState and local agencies are under pressure to modernize securely while managing smaller teams and tighter budgets. Forrester’s TEI study found that Chainguard Containers delivered: • 233% ROI and <6-month payback • 90% reduction in time spent on vulnerability tracking and remediation • 90% drop in vulnerabilities • Faster delivery cycles and better compliance outcomes In today’s state and local government environment, efficiency isn’t optional. It’s mission-critical.Forrester TEI study: Chainguard Containers delivered 233% return on investmentForrester TEI study: Chainguard Containers delivered 233% return on investment
Able Palacios commented on a post
2w
Congrats. Enjoy what's next.
-
Able Palacios liked thisAble Palacios liked thisImportant announcement from our partners at Chainguard yesterday. Here's what I think it means. https://lnkd.in/dmWM_k_E
-
Able Palacios liked thisAble Palacios liked thisA cyberattack on infrastructure isn’t just a technical problem. It can quickly become a matter of life and death. Cybersecurity experts are warning about the growing threat of cyber-physical attacks targeting the systems that keep our society running. ⚡ Power grids 💧 Water systems 🏥 Hospitals 🚆 Transportation networks 🌾 Food and agriculture 🏭 Manufacturing These attacks don’t just steal data. They disrupt real-world systems, and when those systems fail, communities feel the impact immediately. As someone who has spent decades working at the intersection of cybersecurity and critical infrastructure, this warning should concern all of us. Cybersecurity is no longer just an IT issue. It is about public safety, economic stability, and national resilience. We urgently need: • Stronger information sharing across sectors • Greater collaboration between government, industry, and academia • More focus on protecting operational technology and industrial systems • A workforce prepared to defend our critical infrastructure The question is no longer if cyber-physical attacks will occur. The real question is: Are we ready when they do? 👉 For those working in energy, water, healthcare, transportation, manufacturing, and food & agriculture - what steps is your organization taking to prepare for cyber-physical threats? #CyberSecurity #CriticalInfrastructure #CyberPhysicalSecurity #OperationalTechnology #FoodSecurity #NationalSecurity #Resilience #MissionCriticalCoalition of information-sharing groups warns of cyber, physical attacksCoalition of information-sharing groups warns of cyber, physical attacks
Honors & Awards
-
FY18 SLED Rep of the Year Finalist
Red Hat, Inc.
-
FY16 SLED Rep of the Year Finalist
Red Hat
Recommendations received
1 person has recommended Able
Join now to viewOther similar profiles
Explore more posts
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content